Agile Application Security

Enabling Security in a Continuous Delivery Pipeline

Book Description

Agile continues to be the most adopted software development methodology among organizations worldwide, but it generally hasn't integrated well with traditional security management techniques. And most security professionals aren't up to speed in their understanding and experience of agile development. To help bridge the divide between these two worlds, this practical guide introduces several security tools and techniques adapted specifically to integrate with agile development.

Written by security experts and agile veterans, this book begins by introducing security principles to agile practitioners, and agile principles to security practitioners. The authors also reveal problems they encountered in their own experiences with agile security, and how they worked to solve them.

Add security practices to each stage of your existing development lifecycle; Integrate security with planning, requirements, design, and at the code level; Include security testing as part of your team's effort to deliver working software in each release; Implement regulatory compliance in an agile or DevOps environment; Build an effective security program through a culture of empathy, openness, transparency, and collaboration.